Claims 



1 . A method of passing configuration infomiation between a DHCP server and a 
5 DHCP client, the method comprising: 

forming a DHCP message having a vendor-specific portion including at least 
one parameter representing configuration information encoded as a triplet comprising 
a code field, a length field, and a value field, wherein said code field includes an 
indication of encryption of the value field, and said value field comprises a set of one 
10 or more name-value pairs encrypted in accordance with the code field; and 

transmitting the DHCP message including the vendor-specific portion from 
the DHCP server to the DHCP client. 

2. The method of claim 1, wherein the value field of said triplet comprises a 
15 single name-value pair. 

3. The method of cleiim 1 , wherein the code field is used to define the form of 
encryption of the value field. 

20 4. The method of claim 3, wherein the code field is used to identify the 
encryption algorithm used for the value field. 

5. The method of claim 3, wherein the code field is used to identify the key 
length used in the encryption of the value field. 

25 

6. The method of claim 1, wherein at least one parameter included within the 
vendor specific portion is encrypted, and at least one other parameter included within 
the vendor specific portion is not encrypted. 

30 7. The method of claim 1, wherein said at least one parameter is not formally 
defined within DHCP. 
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8. The method of claim 1, wherein said encryption is performed using a key 
specific to the DHCP client. 

9. The method of claim 8, further comprising the client initially transmitting said 
5 specific key to the DHCP server. 

10. The method of claim 1, further comprising storing said at least one parameter 
in a repository on the DHCP server. 

10 11. The method of claim 1 0, further comprising: 

editing said at least one parameter on a DHCP client; and 
writing the edited at least one parameter from the DHCP client into the 
repository for storage on the DHCP server. 

15 12. The method of claim 11, further comprising replicating the stored at least one 
parameter in the repository on the DHCP server for use by one or more other DHCP 
clients. 

13. A dynamic host configuration protocol (DHCP) server comprising: 
20 a store containing DHCP information for at least one DHCP client, said DHCP 

information including a vendor-specific portion containing at least one parameter 
representing configuration information for the DHCP client encoded within a triplet 
comprising a code field, a length field, and a value field, wherein said code field 
includes an indication of encryption of the value field, and said value field comprises 
25 a set of one or more name-value pairs encrypted in accordance with the code field; 
and 

a network interface operable to transmit a DHCP message including the 
vendor-specific portion to the DHCP client. 

30 14. The apparatus of claim 13, wherein the value field of said triplet comprises a 
single name-value pair. 
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15. The apparatus of claim 13, wherein the code field is used to define the form of 
encryption of the value field. 

16. The apparatus of claim 15, wherein the code field is used to identify the 
5 encryption algorithm used for the value field. 

17. The apparatus of claim 1 5, wherein the code field is used to identify the key 
length used in the encryption of the value field. 

10 18. The apparatus of claim 13, wherein at least one parameter included within the 
vendor specific portion is encrypted, and at least one other parameter included within 
the vendor specific portion is not encrypted. 

19. The apparatus of claim 13, wherein said at least one parameter is not formally 
1 5 defined within DHCP. 

20. The apparatus of claim 13, wherein said encryption is performed using a key 
specific to the DHCP client. 

20 21 . The apparatus of claim 20, wherein the specific key is initially received from 
the DHCP client via S2dd network interface. 

22. The apparatus of claim 13, wherein said store comprises a repository on the 
DHCP server. 

25 

23. The apparatus of claim 22, wherein said network interface is operable to 
receive an edited version of said at least one parameter from the DHCP cHent and to 
write the edited at least one parameter from the DHCP client into the repository. 

30 24. The apparatus of claim 23, wherein the stored at least one parameter in the 
repository may be replicated on the DHCP server for use by other DHCP clients. 
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25. A computer program product comprising program instructions on a medium, 
wherein said instructions when executed by a machine cause the machine to: 

form a DHCP message having a vendor-specific portion including at least one 
parameter representing configuration information encoded within a triplet comprising 
5 a code field, a length field, and a value field, wherein said code field includes an 

indication of encryption of the value field, and said value field comprises a set of one 
or more name-value pairs encr5^ted in accordance with the code field; and 

transmit the DHCP message including the vendor-specific portion fi-om the 
DHCP server to the DHCP client. 

10 

26. A method of managing a DHCP server having a repository of DHCP client 
configuration data, the method comprising: 

receiving vendor-specific data representing configuration data for said client, 
wherein said vendor- specific data comprises at least one triplet of a code field, a 
15 length field, and a value field, wherein said code field includes an indication of 
encryption of the value field, and said value field comprises a set of one or more 
name-value pairs encrypted in accordance with the code field; and 

storing in the repository the received vendor-specific configuration data for the 

client. 

20 

27. A method of providing configuration information fi-om a server to a client, the 
method comprising: 

forming a message containing a vendor-specific portion including: 

at least one parameter representing configuration information encoded 
25 as a name-value pairs, wherein the name-value pair is encrypted; and 

a code segment descriptive of the encryption applied to said name- 
value pair; and 

transmitting the message including the vendor-specific portion from the server 
to the client. 

30 

28. Means for passing configuration information between a DHCP server and a 
DHCP client comprising: 
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means for forming a DHCP message having a vendor-specific portion 
including at least one parameter representing configuration information encoded 
within a triplet comprising a code field, a length field, and a value field, wherein said 
code field includes an indication of encryption of the value field, and said value field 
comprises a set of one or more name- value pairs encrypted in accordance with the 
code field; and 

means for transmitting the DHCP message including the vendor-specific 
portion firom the DHCP server to the DHCP client. 

29. A method for booting a fixed-fimction device attached to a network, said 
method comprising: 

storing boot code and a configuration locally to the device; 

booting the device using the stored boot code and the stored configuration; 

downloading a network configuration to the device; 

comparing the stored configuration with the network configuration; 

if the network configuration is different fi*om the stored configuration, storing 
the network configuration locally to the device and rebooting the device using the 
stored network configuration, and otherwise starting using the device to perform said 
fixed fimction. 

30. The method of claim 29, wherein comparing the stored configuration with a 
network configuration comprises: 

comparing £in identifier of the stored configuration with £in identifier of the 
network configuration. 

31. The method of claim 30, wherein said identifier of the stored configuration 
and said identifier of the network configuration file each comprises a version number. 

32. The method of claim 30, wherein downloading a network configuration 
comprises: 

downloading the identifier of the network configuration; and 
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downloading a network configuration file if the comparison of the identifier of 
the stored configuration with the identifier of the network configuration does not 
indicate a match. 

5 33. The method of claim 32, wherein the identifier of the network configuration is 
encoded in a vendor extensions field of a DHCP response. 

34. The method of claim 29, wherein the network configuration is downloaded 
firom a predetermined network location as stored on the device. 

10 

35. The method of claim 29, wherein booting the device includes: 
transmitting a DHCP request over the network; and 

receiving a DHCP response to said DHCP request over the network, wherein 
said DHCP response identifies a network location from which the network 
15 configuration is downloaded. 

36. The method of claim 29, wherein the network configuration is downloaded in 
encrypted form. 

20 37. The method of claim 29, wherein storing the network configuration comprises 
overwriting the stored configuration. 

38. The method of claim 29, wherein the network configuration comprises one or 
more selected configuration parameters, and wherein storing the network 
25 configuration comprises overwriting configuration parameters in the stored 

configuration corresponding to said one or more selected configuration parameters, 
and retaining configuration parameters in the stored configuration not corresponding 
to said one or more selected configuration parameters. 

30 39. The method of claim 29, wherein rebooting using the stored network 

configuration includes downloading a network configuration to the device, comparing 
the stored network configuration with the network configuration, and stEirting using 
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the device to perform said fixed function if the network configuration is the same as 
the stored configuration. 



40. Apparatus for booting a fixed-function device attached to a network, said 
5 apparatus comprising: 

means for storing boot code and a configuration locally to the device; 
means for booting the device using the stored boot code and the stored 
configuration; 

means for downloading a network configuration to the device; 
10 means for comparing the stored configuration with the network configuration; 

and means, responsive to the network configuration being different firom the 
stored configuration, for storing the network configuration locally to the device and 
for rebooting the device using the stored network configuration, and otherwise for 
starting using the device to perform said fixed function. 

15 

41 . A fixed-function device comprising: 

non- volatile storage containing boot code and a stored configuration, wherein 
the device is operable to boot using the boot code and the stored configuration; 
a network interface operable to download a network configuration to the 
20 device; and 

a processing unit operable to compare the stored configuration with the 
downloaded network configuration, wherein if the network configuration is different 
from the stored configuration, the network configuration is saved to said non-volatile 
storage, and the device is rebooted using the stored network configuration. 

25 

42. The device of claim 41, wherein the stored configuration is compared with the 
network configuration by comparing an identifier of the stored configuration with an 
identifier of the network configuration. 

30 43. The device of claim 42, wherein said identifier of the stored configuration and 
said identifier of the network configuration file each comprises a version number. 
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44. The device of claim 42, wherein downloading a network configuration 
comprises downloading the identifier of the network configuration, and wherein a 
network configuration file is also downloaded if the comparison of the identifier of 
the stored configuration with the identifier of the network configuration does not 

5 indicate a match. 

45. The apparatus of claim 44, wherein the identifier of the network configuration 
is encoded in a vendor extensions field of a DHCP response. 

10 46. The apparatus of claim 41 , wherein the network configuration is downloaded 
firom a predetermined network location as stored on the device. 

47. The apparatus of claim 41 , further comprising a DHCP client operable: 
to transmit a DHCP request over the network; and 

1 5 to receive a DHCP response to said DHCP request over the network, wherein 

said DHCP response identifies a network location fi*om which the network 
configuration is downloaded. 

48. The apparatus of claim 41, wherein the network configxiration is downloaded 
20 in encrypted form. 

49. The apparatus of claim 41, wherein saving the network configuration 
comprises overwriting the stored configuration. 

25 50. The apparatus of claim 4 1 , wherein the network configuration comprises one 
or more selected configuration parameters, and wherein saving the network 
configuration comprises overwriting configuration parameters in the stored 
configuration corresponding to said one or more selected configuration parameters, 
and retaining configuration parameters in the stored configuration not corresponding 

30 to said one or more selected configuration parameters. 
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51. The apparatus of claim 41, wherein rebooting using the stored network 
configuration includes downloading a network configuration to the device, comparing 
the stored network configuration with the network configuration, and starting using 
the device to perform said fixed function if the network configuration is the same as 
the stored configuration. 

52. A computer program product comprising program instructions on a medium, 
said instructions when loaded into a machine causing the machine to perform a 
method for booting a fixed-function device attached to a network, said method 
comprising: 

storing boot code and a configuration locally to the device; 

booting the device using the stored boot code and the stored configuration; 

downloading a network configuration to the device; 

comparing the stored configuration with the network configuration; 

if the network configuration is different from the stored configuration, storing 
the network configuration locally to the device and rebooting the device using the 
stored network configuration, and otherwise starting using the device to perform said 
fixed function. 
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